According to Google's new Android Insight Report on the ecosystem, you're more likely to be infected if you run Android Lollipop (5.0) than if you run Android Pie (9). The same report shows that if you sideload apps, you're almost seven times more likely to get infected than if you stick to Google Play as your app source. All the information in the report is quite interesting, but there is a clear pattern when it comes to malicious software.

Google calls malware PHAs, or potentially harmful apps. This distinction means that the same app may be potentially harmful on one Android version but completely harmless on another. An app that attacks older APIs is potentially harmful if the device runs an older Android version like Lollipop, but if you installed the same app on a phone running Android Pie, newer security measures could render it harmless.

Given the above chart, you may think that the lower infection rates are a byproduct of fewer people running the newer Android versions. But this is the rate of devices infected with malicious code, so the total number of users has no impact. The Lollipop PHA rate is 0.66%, while the Pie PHA rate is 0.06%.

The difference in PHA rates is almost as scary when you compare people who only install apps from the Google Play store with people who also have sideloaded applications from external sources. Google Play users are infected at a rate of 0.09% globally, while sideloaders are infected at a 0.61% clip.

Google went on to compare PHA infection rates by country, and the results are surprising. Indonesia and India (the gold and green lines, respectively) had the worst rates at 0.65%, but the USA (black line) was also among the worst at 0.53%. You would think that, with the United States being one of the richest countries in the world, there would be more flagship Android phones per capita than in other countries. Since flagship phones usually get updates more often than budget phones, people would be better protected on newer Android versions.

PHA rates per country. Image via Google Transparency Report

We can only speculate here, but the reason for the high PHA rates in the US may be twofold: more instances of sideloading per user, and more phones from OEMs with bad Android update track records.

With Samsung being notoriously slow with Android updates, they must share the blame for the poor malware rates in the United States. They are by far the most common Android brand in the United States, and they are one of the few manufacturers that have not yet updated a majority of their latest devices to Android Oreo, an OS upgrade that was made available 15 months ago.

While there is nothing you can do about a phone that does not receive updates (aside from tinkering with it and installing a custom ROM), you can certainly improve your security by being vigilant about sideloaded apps. If you must sideload, at least make sure to download APKs only from trusted sources like APKMirror or a trusted developer's official website.